Privacy

William Dillon has been designated as a Certified Information Privacy Professional/United States, by the International Association of Privacy Professionals

William Dillon – Certified Information Privacy Professional
Tallahassee, Fla. (July 24, 2017)

Messer Caparello, P.A., is pleased to announce that William Dillon, a shareholder and attorney practicing in its full-service Tallahassee firm, has been designated as a Certified Information Privacy Professional/United States, “CIPP/US”, by the International Association of Privacy Professionals, “IAPP”. The IAPP is the world’s largest and most comprehensive information privacy organization that helps define, support and improve the privacy professional globally. The CIPP/US designation is awarded to individuals that demonstrate, via experience, training and testing, mastery of privacy related laws and concepts, across all areas, for private sector entities in the United States.

In addition to being designated as a Certified Information Privacy Professional, Mr. Dillon is certified by the Florida Bar as a Specialist in the area of Health Law. He is also holds a certification in healthcare compliance, “CHC”, from the Health Care Compliance Association.

The law firm of Messer Caparello, P.A., located in Tallahassee, Florida, is a full-service legal organization. The firm combines the finest legal traditions of Florida’s “Capital City,” with the creative problem-solving skills necessary to resolve today’s complex legal challenges. The firm and its members embody a spirit of true professionalism, as evidenced by service to the client, to the system of justice, and to the public. As a result, the firm represents a diversity of clients across the full spectrum of judicial, administrative, and public policy forums. www.lawfla.com

Contact: William Dillon, Tanya Weiss, Messer Caparello, P.A., (850) 222-0720 or tweiss@lawfla.comContinue Reading William Dillon has been designated as a Certified Information Privacy Professional/United States, by the International Association of Privacy Professionals

Merry Christmas from the OCR – Dermatology Practice Settles Potential HIPAA Violations

On December 24, 2013 the HHS Office of Civil Rights (“OCR”) and Adult & Pediatric Dermatology, P.C., of Concord, Massachusetts entered into a Resolution Agreement whereby the practice agreed to settle potential violations of the HIPAA privacy and security rules. The potential violations of HIPAA resulted from the theft of an unencrypted thumb drive, containing the ePHI of approximately 2,200 patients, from the car of a practice employee.

Upon being notified of the breach the OCR conducted an investigation and determined that the practice had failed to conduct and accurate and thorough analysis of potential risks to ePHI in the care of the practice. The OCR further determined that the practice did not have adequate written policies and procedures and did not adequately train employees.

The Resolution Agreement entered into between the practice and the OCR requires the practice to make a $150,000.00 payment to the OCR as well as implement a corrective action plan. The Resolution Agreement is not an admission of liability by the practice.

A copy of the Resolution Agreement may be found at:

http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/apderm-resolution-agreement.pdf

Physician practices should view this settlement as clear indication that OCR expects the compliance of all covered entities and not just large entities such as hospitals, universities and managed care entities. Physician practices that are not yet in compliance with the HIPAA privacy and security rules should take the appropriate steps to come into compliance.

William Dillon
Board Certified in Health Law